Jennifer Granick fights for civil liberties in an age of massive surveillance and powerful digital technology. As the new surveillance and cybersecurity counsel with the ACLU's Speech, Privacy and Technology Project, she litigates, speaks, and writes about privacy, security, technology, and constitutional rights. Granick is the author of the bookAmerican Spies: Modern Surveillance, Why You Should Care, and What To Do About It, published by Cambridge Press and winner of the 2016 Palmer Civil Liberties Prize.

Granick spent much of her career helping create Stanford Law School’s Center for Internet and Society. From 2001 to 2007, she was Executive Director of CIS and founded the Cyberlaw Clinic, where she supervised students in working on some of the most important cyberlaw cases that took place during her tenure. For example, she was the primary crafter of a 2006 exception to the Digital Millennium Copyright Act which allows mobile telephone owners to legally circumvent the firmware locking their device to a single carrier. From 2012 to 2017, Granick was Civil Liberties Director specializing in and teaching surveillance law, cybersecurity, encryption policy, and the Fourth Amendment. In that capacity, she has published widely on U.S. government surveillance practices, and helped educate judges and congressional staffers on these issues. Granick also served as the Civil Liberties Director at the Electronic Frontier Foundation from 2007-2010. Earlier in her career, Granick spent almost a decade practicing criminal defense law in California.

Granick’s work is well-known in privacy and security circles. Her keynote, "Lifecycle of a Revolution" for the 2015 Black Hat USA security conference electrified and depressed the audience in equal measure. In March of 2016, she received Duo Security’s Women in Security Academic Award for her expertise in the field as well as her direction and guidance for young women in the security industry. Senator Ron Wyden (D-Ore) has called Granick an "NBA all-star of surveillance law.”

The Internet is under threat, mostly from governments. We need companies to help people stand up to government threats, but companies cannot solve the problems for us. This is what I told the audience on Thursday, at an event co-hosted by CIS and the Program on Liberation Technology.

Tomorrow, all five members of the Privacy and Civil Liberties Oversight Board (PCLOB) will testify before the Senate Judiciary Committee about their recent report concluding that the National Security Agency’s (NSA) bulk collection of phone records under section 215 is illegal and ill-advised. Meanwhile, the PCLOB is gearing up to report in a few months its conclusions regarding mass surveillance of the content of Internet transactions under section 702 of the FISA Amendments Act

Today, Stanford’s Center for Internet and Society joins Greenpeace, Mozilla, Electronic Frontier Foundation, the Libertarian Party, and an array of ideologically diverse groups in The Day We Fight Back against mass surveillance.

Yesterday, I wrote generally about the problems with section 702 of the FISA Amendments Act (FAA). Today I focus on categories of information—including content—that NSA collects under section 702 but maybe never minimizes—meaning one of the few safeguards for U.S. person privacy is non-existent. In short, since the thirteen-page 702 minimization procedures only apply to communications, and since today's NSA probably excludes unshared cloud-stored data from the definition of communications, it's possible no minimization rules apply to protect American privacy.

I've written a lot about the problems with the FISA Amendments Act and section 702, which is the legal basis for the PRISM surveillance program and involves warrantless collection of communications contents via targeting non-U.S. individuals or entities reasonably believed to be located abroad.

Pages

Encryption helps human rights workers, activists, journalists, financial institutions, innovative businesses, and governments protect the confidentiality, integrity, and economic value of their activities. However, strong encryption may mean that governments cannot make sense of data they would otherwise be able to lawfully access in a criminal or intelligence investigation.

Arguing that a defendant’s conviction for website hacking should be overturned because legitimate, highly valuable security and privacy research commonly employs techniques that are essentially identical to what the defendant did and that such independent research is of great value to academics, government regulators and the public even when – often especially when — conducted without a website owner’s permission.

Arguing that if the court should not compel Apple to create software to enable unlocking and search of the San Bernardino shooter’s iPhone, it will jeopardize digital and personal security more generally.

After the Estate of James Joyce refused to allow a scholar to quote Joyce in her book, we successfully defended her right under the fair use doctrine to use the quotes she needed to illustrate her scholarship. After we prevailed in the case, the Estate paid $240,000 of our client’s legal fees.

Pages

Today, the Office of the Director of National Intelligence (ODNI) announced that it would stop some of the surveillance it conducts on the telecommunications backbone under authority granted by section 702 of the FISA Amendments Act.

On Wednesday, the Republican chair of the House Intelligence Committee, Devin Nunes (R-CA), gave a press conference in which he reported that Trump transition team members’ communications were intercepted by US intelligence agencies through “incidental collection.” This follows on Nunes’ concerns, after Michael Flynn stepped down following intelligence reports that he had talked to the Russian ambassador.

Does the House Permanent Select Committee on Intelligence understand intelligence gathering?

After all, that committee is charged with oversight over the United States’ vast surveillance bureaucracy. And yet, comments from the chair of the committee, Rep. Devin Nunes (R-Calif.), suggest that he is unclear on the concept.

Pages

"If voice-based accent detection can determine a person’s ethnic background, it opens up a new category of information that is incredibly interesting to the government, said Jennifer King, director of consumer privacy at Stanford Law School’s Center for Internet and Society.

“If you’re a company and you’re creating new classifications of data, and the government is interested in them, you’d be naive to think that law enforcement isn’t going to come after it,” she said.

"The Apple-FBI fight over encryption was a rare event. Most of the time, the public never has a clue when authorities come knocking and ask a company for “technical assistance” to help get access to digital communications. That makes the true scale of U.S. government surveillance hard to assess—even if we can glean that it’s pervasive nowadays. And probably equally as important, it doesn’t really allow the public to tell just how difficult it is for prosecutors to convince a judge that communications should be turned over.

"Jennifer Granick had harsh words at the Our Security Advocates Conference for the growing state of mass surveillance and government hacking in the United States.

Granick, surveillance and cybersecurity counsel at the American Civil Liberties Union, took the stage at OURSA on Tuesday to discuss the state of modern surveillance and hacking performed by the U.S. government, arguing that both cross the line of traditional legal searches.

"Jennifer Granick, surveillance and cybersecurity counsel at the American Civil Liberties Union (ACLU), noted that “increasingly, modern surveillance is mass surveillance” which can be facilitated by new technologies and the internet.

Secretive large scale surveillance differs from warrant-directed searches by the volume and depth of data and could be abetted by the ease of converting in-home appliances with microphones and cameras into “surveillance machines”, she said."

Pages

Eight years ago, Barack Obama arrived in Washington pledging to reverse the dramatic expansion of state surveillance his predecessor had presided over in the name of fighting terrorism. Instead, the Obama administration saw the Bush era’s “collect it all” approach to surveillance become still more firmly entrenched. Meanwhile, the advanced spying technologies once limited to intelligence agencies have been gradually trickling down to local police departments.

Join Mozilla and Stanford CIS for the second installment in a series of conversations about government hacking. Information from our first event, discussing the upcoming changes to Federal Rule of Criminal Procedure 41, are available at that event’s page here.

On December 1, 2016, significant and controversial changes to Federal Rule of Criminal Procedure 41 are scheduled go into effect. Today, Rule 41 prohibits a federal judge from issuing a search warrant outside of the judge’s district, with some exceptions.Traditionally, federal judges may only issue warrants that will be executed within their own districts. The revised Rule 41 would permit judges to issue search and seizure warrants for computers outside their jurisdictions, in two circumstances: if the computer’s true location has been hidden through technological means (such as Tor), or, in a computer-hacking investigation under the CFAA, if the affected computers are located in five or more districts.

Stanford CIS brings together scholars, academics, legislators, students, programmers, security researchers, and scientists to study the interaction of new technologies and the law and to examine how the synergy between the two can either promote or harm public goods like free speech, innovation, privacy, public commons, diversity, and scientific inquiry. Come hear CIS Directors Jennifer Granick + Daphne Keller and Resident Fellows Riana Pfefferkorn + Luiz Fernando Marrey Moncau talk about our work, and the assistance CIS provides to students in learning about these issues, selecting courses, identifying job opportunities, and making professional connections.

Pages

If you attended a recent march to protest, wrote a check to the ACLU, or recently visited a politically leaning website, consider yourself an activist, says Stanford legal scholar Granick. Not only might the government be watching you, but your digital footprint could end up being visible to people and organizations you never imagined would care. Know your risks and take safety precautions, advises Granick, or don’t be surprised at the troubling outcome.

The internet makes access to information incredibly easy, and we normally see that as a good thing. But what if the information being accessed is details of our private lives? And what if the person accessing them is a government intelligence agency? This week we speak with Jennifer Granick, author of "American Spies" and director of civil liberties at the Stanford Center for Internet and Society, about the quest for privacy in the age of surveillance.